public function apiDocsAction()
{
$apiRegistry = new Ot_Api_Register();
$endpoints = $apiRegistry->getApiEndpoints();
$apiMethods = array('get', 'put', 'post', 'delete');
$data = array();
$acl = new Ot_Acl('remote');
$vr = new Ot_Config_Register();
$role = $vr->getVar('defaultRole')->getValue();
if (Zend_Auth::getInstance()->hasIdentity()) {
$thisAccount = Zend_Auth::getInstance()->getIdentity();
if (count($thisAccount->role) > 1) {
$roles = array();
// Get role names from the list of role Ids
foreach ($thisAccount->role as $r) {
$roles[] = $acl->getRole($r);
}
// Create a new role that inherits from all the returned roles
$roleName = implode(',', $roles);
$role = $roleName;
$acl->addRole(new Zend_Acl_Role($roleName), $roles);
} elseif (count($thisAccount->role) == 1) {
$role = $thisAccount->role[0];
}
if ($role == '' || !$acl->hasRole($role)) {
$role = $vr->getVar('defaultRole')->getValue();
}
}
foreach ($endpoints as &$e) {
$data[$e->getName()] = array('name' => $e->getName(), 'methods' => array(), 'description' => $e->getDescription());
$reflection = new ReflectionClass($e->getMethodClassname());
$methods = $reflection->getMethods();
foreach ($methods as $m) {
// the api "module" here is really a kind of placeholder
$aclResource = 'api_' . strtolower($e->getName());
if (in_array($m->name, $apiMethods) && $m->class == $e->getMethodClassname() && $acl->isAllowed($role, $aclResource, $m->name)) {
$instructions = 'No instructions provided';
if ($m->getDocComment() != '') {
$instructions = $this->_cleanComment($m->getDocComment());
}
$data[$e->getName()]['methods'][$m->getName()] = $instructions;
}
}
}
$endpoints = array();
foreach ($data as $key => $val) {
if (count($val['methods']) != 0) {
$endpoints[$key] = $val;
}
}
$this->view->endpoints = $endpoints;
$this->_helper->pageTitle('API Documentation');
}
public function getRemoteResources($roleId = 0)
{
$roles = $this->getAvailableRoles();
$role = 0;
if ($roleId != 0) {
if (!isset($roles[$roleId])) {
throw new Ot_Exception('Requested role not found in the access list.');
}
$role = $roles[$roleId];
}
// Sets the denys for the role
$denys = array();
if (isset($role['rules'])) {
foreach ($role['rules'] as $rule) {
if ($rule['type'] == 'deny') {
$denys[$rule['resource']] = $rule['privilege'];
}
}
}
$result = array();
$filter = new Zend_Filter();
$filter->addFilter(new Zend_Filter_Word_CamelCaseToDash());
$filter->addFilter(new Zend_Filter_StringToLower());
$register = new Ot_Api_Register();
$endpoints = $register->getApiEndpoints();
// the Api $key is really kind of a "fake" key in that the Api module
// doesn't exist...it's simply a placeholder
$key = "api";
foreach ($endpoints as $endpoint) {
$controllerName = $endpoint->getName();
$resource = strtolower($key . '_' . $controllerName);
//$resource = strtolower($controllerName);
$result[$key][$controllerName]['all'] = array('access' => false, 'inheritRoleId' => '');
$noInheritance = false;
$inherit = $roleId;
$allows = array();
while (!$noInheritance) {
$iAllows = array();
$iDenys = array();
if (isset($roles[$inherit]['rules'])) {
foreach ($roles[$inherit]['rules'] as $rule) {
if ($rule['type'] == 'allow') {
$allows[$rule['resource']] = $rule['privilege'];
$iAllows[$rule['resource']] = $rule['privilege'];
} else {
$iDenys[$rule['resource']] = $rule['privilege'];
}
}
}
// Checks to see if the inheriting role allows the rource
if (in_array('*', array_keys($allows)) || isset($allows[$resource]) && $allows[$resource] == '*') {
/* Checks to see that even though the inheriting role allows the resource that the role in
* question doesnt specifically deny it.
*/
if (!(isset($denys[$resource]) && $denys[$resource] == '*')) {
$result[$key][$controllerName]['all']['access'] = true;
if (isset($iAllows[$resource]) && $iAllows[$resource] == '*') {
$result[$key][$controllerName]['all']['inheritRoleId'] = $inherit;
}
}
}
if (isset($roles[$inherit]['inheritRoleId']) && $roles[$inherit]['inheritRoleId'] != 0) {
$inherit = $roles[$inherit]['inheritRoleId'];
} else {
$noInheritance = true;
}
}
$result[$key][$controllerName]['description'] = "API Docs";
if (!isset($result[$key][$controllerName]['part'])) {
$result[$key][$controllerName]['part'] = array();
}
$methods = array('get', 'put', 'post', 'delete');
foreach ($methods as $action) {
if ($role != '') {
$holdingVar2 = $this->isAllowed($role['roleId'], $resource, $action);
$result[$key][$controllerName]['part'][$action]['access'] = $holdingVar2;
} else {
$result[$key][$controllerName]['part'][$action]['access'] = false;
}
$holdingVar3 = strtoupper($action) . ' method for ' . $resource;
$result[$key][$controllerName]['part'][$action]['description'] = $holdingVar3;
$noInheritance = isset($role['inheritRoleId']) && $role['inheritRoleId'] == 0;
$inherit = isset($role['inheritRoleId']) ? $role['inheritRoleId'] : '';
$result[$key][$controllerName]['part'][$action]['inheritRoleId'] = 0;
while (!$noInheritance) {
$iAllows = array();
$iDenys = array();
if (isset($roles[$inherit]['rules'])) {
foreach ($roles[$inherit]['rules'] as $rule) {
if ($rule['type'] == 'allow') {
$iAllows[] = $rule['resource'] . '_' . $rule['privilege'];
} else {
$iDenys[] = $rule['resource'] . '_' . $rule['privilege'];
}
}
}
if ($result[$key][$controllerName]['part'][$action]['access'] == false) {
if (in_array($resource . '_' . $action, $iDenys) && $result[$key][$controllerName]['part'][$action]['inheritRoleId'] == 0) {
$result[$key][$controllerName]['part'][$action]['inheritRoleId'] = $inherit;
}
} else {
if (in_array($resource . '_' . $action, $iAllows) && $result[$key][$controllerName]['part'][$action]['inheritRoleId'] == 0) {
$result[$key][$resource]['part'][$action]['inheritRoleId'] = $inherit;
}
}
if (isset($roles[$inherit]['inheritRoleId']) && $roles[$inherit]['inheritRoleId'] != 0) {
$inherit = $roles[$inherit]['inheritRoleId'];
} else {
$noInheritance = true;
}
}
}
}
return $result;
}
